
var jwt = require('jsonwebtoken')
var secret = 'alskdjflasjdkflasjdklfjaldsf45a234s$$$q2323@@d65fa6sd4f6asd45f6asdfasdfasdfa321321asdf'

function checkToken(req,res,next){
  let {token} = req.headers
  jwt.verify(token,secret,(err,decoded)=>{
    if(err){  //合法性
      console.log(err);
      res.send({
        code:120,
        msg:"非法token，请登录"
      })
      return
    }
    console.log(decoded);  //解析到的token中携带的信息数据包
    let now = Date.now() 
    let {time,limit} = decoded
    if(now-time>=limit){  //有效性
      res.send({
        code:121,
        msg:'token过期，请重新登录'
      })
      return
    }
  })
  //放行
  next()
}

module.exports = {
  checkToken
}